Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/kSB-plMX0QZSYjzHYn0T-xmKyeU.roa
File: kSB-plMX0QZSYjzHYn0T-xmKyeU.roa (raw, json)
Hash identifier: WcSb+zCJkqgrV5srrVgYBy+Jgy7zDcsb2jh3sS8+cqk=
Subject key identifier: 91:20:7E:A6:53:17:D1:06:52:62:3C:C7:62:7D:13:FB:19:8A:C9:E5
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 018570B06DAD486EE84D623E2975F227D461
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/kSB-plMX0QZSYjzHYn0T-xmKyeU.roa
Signing time: Mon 02 Jan 2023 04:14:48 +0000
ROA not before: Mon 02 Jan 2023 04:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197317
IP address blocks: 91.219.152.0/22 maxlen: 24
185.158.160.0/22 maxlen: 24
2a07:ae40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 May 2023 19:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:6d:ad:48:6e:e8:4d:62:3e:29:75:f2:27:d4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Jan 2 04:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91207ea65317d10652623cc7627d13fb198ac9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:90:1b:7e:94:f6:c0:e6:79:38:c8:d2:f6:4f:
1a:fa:46:5a:02:15:bf:4a:3e:b7:85:10:bd:d8:6c:
69:30:34:4c:4e:54:04:13:48:85:41:8f:68:9b:1d:
01:9a:24:ca:dd:69:b4:82:f3:b2:15:e4:e6:4f:1f:
86:6d:9c:67:24:69:8f:7d:75:42:89:5e:eb:99:4a:
49:19:5c:6a:cc:d9:3a:07:a6:ec:ad:ea:68:45:4f:
e7:29:dc:0e:ce:ae:a8:eb:5e:e5:74:63:49:93:71:
17:d2:0d:9f:ee:70:83:2b:18:03:e4:1a:47:94:9f:
68:12:a0:af:79:0d:7f:3e:85:26:2d:ce:57:97:1b:
29:2f:a6:93:7b:30:75:4c:82:fb:3a:dd:82:1b:eb:
e9:9e:14:d2:ec:24:f3:24:94:66:e3:14:f7:84:12:
45:1d:33:ed:01:61:39:1d:8c:de:12:71:6b:a4:5b:
24:3e:06:01:3a:49:87:9b:54:91:cd:0d:14:91:1c:
df:34:a5:44:73:2d:6b:c0:7f:34:7f:e5:77:9a:e3:
b3:11:e2:4e:66:29:43:16:af:2c:25:f7:53:4f:5f:
d1:95:42:3d:9e:4d:87:48:f5:3a:e3:c6:13:ef:07:
cd:46:35:8c:5d:fb:ee:6c:94:3e:db:db:b6:04:8a:
fa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:20:7E:A6:53:17:D1:06:52:62:3C:C7:62:7D:13:FB:19:8A:C9:E5
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/kSB-plMX0QZSYjzHYn0T-xmKyeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.152.0/22
185.158.160.0/22
IPv6:
2a07:ae40::/29
Signature Algorithm: sha256WithRSAEncryption
32:9d:de:21:15:bd:8a:c1:30:d9:eb:64:21:97:91:97:7c:d1:
fd:f5:bc:37:03:a1:c1:24:77:96:81:94:b6:db:da:5e:90:33:
72:80:7b:b9:c2:d3:e8:d9:21:40:0b:4e:00:09:70:61:c4:3d:
10:5a:ca:01:15:67:55:4b:4b:d6:ef:5d:66:6c:9d:20:e6:ea:
a1:15:db:4f:2b:c2:76:b7:61:c1:80:57:8b:70:8f:12:e0:7c:
cc:3f:ca:bc:95:d7:fc:cd:2e:d8:ce:ff:7e:f4:4c:5d:fd:b2:
8d:a1:ff:23:22:5e:54:0c:ed:72:ed:e0:5f:a8:b0:68:d3:9f:
d5:b5:1f:4f:9c:3c:a6:fa:f4:f1:c6:f4:1a:b7:6a:33:f1:d5:
ad:27:63:11:be:41:29:d5:80:08:6d:92:3c:b6:f0:5e:6f:60:
f1:eb:c4:d8:52:f2:7c:55:5e:93:41:45:e8:88:93:7b:f1:01:
79:81:19:98:bf:9c:5d:d9:7b:97:ed:8c:d3:58:0d:4e:56:67:
41:1f:0d:5c:9e:43:d9:00:da:9b:0a:a7:8a:24:52:d9:83:af:
0e:31:44:69:17:fa:98:01:dc:86:6d:01:6f:db:de:03:62:d5:
f1:c9:62:1e:84:67:5d:fa:4e:ec:e9:34:69:a2:04:29:d0:5f:
e3:97:84:4e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwsG2tSG7oTWI+KXXyJ9RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjMwMTAyMDQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTIwN2VhNjUzMTdkMTA2NTI2MjNjYzc2MjdkMTNmYjE5OGFjOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpAbfpT2wOZ5OMjS9k8a+kZaAhW/
Sj63hRC92GxpMDRMTlQEE0iFQY9omx0BmiTK3Wm0gvOyFeTmTx+GbZxnJGmPfXVC
iV7rmUpJGVxqzNk6B6bsrepoRU/nKdwOzq6o617ldGNJk3EX0g2f7nCDKxgD5BpH
lJ9oEqCveQ1/PoUmLc5XlxspL6aTezB1TIL7Ot2CG+vpnhTS7CTzJJRm4xT3hBJF
HTPtAWE5HYzeEnFrpFskPgYBOkmHm1SRzQ0UkRzfNKVEcy1rwH80f+V3muOzEeJO
ZilDFq8sJfdTT1/RlUI9nk2HSPU648YT7wfNRjWMXfvubJQ+29u2BIr6PQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJEgfqZTF9EGUmI8x2J9E/sZisnlMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL2tTQi1wbE1YMFFaU1lqekhZbjBULXhtS3llVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAJb25gD
BAK5nqAwDQQCAAIwBwMFAyoHrkAwDQYJKoZIhvcNAQELBQADggEBADKd3iEVvYrB
MNnrZCGXkZd80f31vDcDocEkd5aBlLbb2l6QM3KAe7nC0+jZIUALTgAJcGHEPRBa
ygEVZ1VLS9bvXWZsnSDm6qEV208rwna3YcGAV4twjxLgfMw/yryV1/zNLtjO/370
TF39so2h/yMiXlQM7XLt4F+osGjTn9W1H0+cPKb69PHG9Bq3ajPx1a0nYxG+QSnV
gAhtkjy28F5vYPHrxNhS8nxVXpNBReiIk3vxAXmBGZi/nF3Ze5ftjNNYDU5WZ0Ef
DVyeQ9kA2psKp4okUtmDrw4xRGkX+pgB3IZtAW/b3gNi1fHJYh6EZ136TuzpNGmi
BCnQX+OXhE4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org